5094 matches found
WordPress eCommerce Product Catalog <3.0.39 - Cross-Site Scripting
WordPress eCommerce Product Catalog plugin before 3.0.39 contains a cross-site scripting vulnerability. The plugin does not escape the ic-settings-search parameter before outputting it back in the page in an attribute. This can allow an attacker to steal cookie-based authentication credentials an...
How GitHub gave every repository a durable owner
GitHub has over 14,000 repositories across our primary internal GitHub organization. As of early 2025, there were over 11,000 non-archived repositories, the vast majority of which with no clear owner. For repositories attached to production services, we have historically had robust durable...
Important: Red Hat Security Advisory: Red Hat Developer Hub 1.10.2 release.
Red Hat Developer Hub 1.10.2 has been released. Red Hat Developer Hub RHDH is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters AKS, EKS, GKE. The core features of RHDH include a single...
CVE-2026-57360
Unauthenticated Cross Site Scripting XSS in eCommerce Product Catalog = 3.5.4 versions...
CVE-2026-57360 WordPress eCommerce Product Catalog plugin <= 3.5.4 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in eCommerce Product Catalog = 3.5.4 versions...
CVE-2026-57360
CVE-2026-57360 affects the WordPress plugin eCommerce Product Catalog (versions ≤ 3.5.4). The vulnerability is an Unauthenticated Cross Site Scripting (XSS) issue. The connected documents provide the affected product and vulnerability type, with no exploit details or remediation/version fix infor...
ECHO-6586-8B63-87BF
Bulletin has no description...
CGA-Q7GF-PCGX-7233
Bulletin has no description...
CGA-5H7P-CXM8-5HW4
Bulletin has no description...
CGA-J2V4-55FF-4QM8
Bulletin has no description...
CGA-56M5-52RG-2732
Bulletin has no description...
CGA-RQR6-VPF9-7M7M
Bulletin has no description...
MINI-QPR3-X7Q5-62X5
Bulletin has no description...
MINI-87PP-RRC4-GWHP
Bulletin has no description...
CVE-2026-48282
creationtimestamp| type| source ---|---|--- 2026-07-01 03:37:06+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mpklnwud3g2a 2026-07-01 09:45:14+00:00| seen| https://www.cert.dk/news/2026-07-01/Kritiske-ColdFusion-saarbarheder-aabner-for-fuld-serverovertagelse 2026-07-01 13:00:13+00:00|...
MINI-28R4-4WHH-RFHW
Bulletin has no description...
CVE-2019-12988
creationtimestamp| type| source ---|---|--- 2026-06-30 14:18:36+00:00| exploited| https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/ed18ecdc-65e9-4d33-8aa2-106767b35a27...
CVE-2017-7876
creationtimestamp| type| source ---|---|--- 2026-06-30 14:18:26+00:00| exploited| https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/78f5676b-e9fb-4677-aaf3-240da91541ff...
EDB-51096
creationtimestamp| type| source ---|---|--- 2026-06-30 12:40:32+00:00| exploited| https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/8f9a1b4c-8d3c-4bd8-880e-a3f250354907...
EDB-50775
creationtimestamp| type| source ---|---|--- 2026-06-30 12:40:27+00:00| exploited| https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/219761c7-3d1a-4eeb-8fc2-e6365b513815...